CVE-2009-2950

Name of the Vulnerable Software and Affected Versions OpenOffice.org (OOo) versions prior to 3.2

Description The issue is related to a heap-based buffer overflow in the GIFLZWDecompressor function, which can be triggered by a crafted GIF file. This can cause a denial of service, resulting in an application crash, or potentially allow the execution of arbitrary code. The vulnerability is associated with LZW decompression and can be exploited by a remote attacker to access confidential data, compromise data integrity, or disrupt service.

Recommendations For OpenOffice.org (OOo) versions prior to 3.2, update to version 3.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of GIF files or restricting access to the GIFLZWDecompressor function until a patch is applied.